This comes under the notion that if you don't ask, you don't learn.
I did some dovecot2 updates, so naturally I decided to test the mail
system. When I mail a message to myself, this is the TLS notification:
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
However I do recei
On 2016-11-11 11:16, li...@lazygranch.com wrote:
> This comes under the notion that if you don't ask, you don't learn.
It is a bit off topic, yes.
> I did some dovecot2 updates, so naturally I decided to test the mail
> system. When I mail a message to myself, this is the TLS notification:
> (usi
That does explain a lot, but why when I "talk to myself" (send myself email) do
I get a lower grade (less bits) of encryption than when another server is
sending mail? Is there some parameter I need to set in postfix?
Original Message
From: Sven Schwedas
Sent: Friday, November 11, 2016 2:5
On 2016-11-11 12:08, li...@lazygranch.com wrote:
> That does explain a lot, but why when I "talk to myself" (send myself email)
> do I get a lower grade (less bits) of encryption than when another server is
> sending mail? Is there some parameter I need to set in postfix?
Which particular algori
So is this level of encryption something openssl sets up? That is where do I
set the parameter?
Original Message
From: Sven Schwedas
Sent: Friday, November 11, 2016 3:15 AM
To: li...@lazygranch.com; postfix-users@postfix.org
Subject: Re: bits of encryption
On 2016-11-11 12:08, li...@lazygra
Wietse,
Thanks for your response.
I can consistently send a 1 MB attachment to a recipient with no issues, but
consistently get "421 4.4.2 service timed out. (in reply to end of DATA
command)" with a 3 MB attachment sent to the same recipient.
I have turned off tcp_window_scaling on my postfix s
I also set tcp_windowsize = 65535 but this had no effect on the ability to
send the emails.
Rob A wrote
> Wietse,
>
> Thanks for your response.
>
> I can consistently send a 1 MB attachment to a recipient with no issues,
> but consistently get "421 4.4.2 service timed out. (in reply to end o
On 11 Nov 2016, at 6:21, li...@lazygranch.com wrote:
So is this level of encryption something openssl sets up?
Yes and no. The partners in an encrypted session negotiate the details
of a ciphersuite when the session is established, based on both of their
configurations. For Postfix, the conf
On 11/10/2016 6:00 PM, b...@bitrate.net wrote:
> On Nov 10, 2016, at 17.17, Noel Jones wrote:
>>
>> On 11/10/2016 4:05 PM, btb wrote:
>>> hi-
>>>
>>> i have an "appliance" which submits mail. it's inflexible,
>>> unfortunately, and uses crappy values for the envelope sender and the
>>> from: head
> On Nov 11, 2016, at 10.34, Noel Jones wrote:
>
> On 11/10/2016 6:00 PM, b...@bitrate.net wrote:
>> On Nov 10, 2016, at 17.17, Noel Jones wrote:
>>>
>>> On 11/10/2016 4:05 PM, btb wrote:
hi-
i have an "appliance" which submits mail. it's inflexible,
unfortunately, and us
Rob A:
> Wietse,
>
> Thanks for your response.
>
> I can consistently send a 1 MB attachment to a recipient with no issues, but
> consistently get "421 4.4.2 service timed out. (in reply to end of DATA
> command)" with a 3 MB attachment sent to the same recipient.
>
> I have turned off tcp_windo
On 11/11/2016 03:21 AM, li...@lazygranch.com wrote:
So is this level of encryption something openssl sets up? That is where do I
set the parameter?
Original Message
From: Sven Schwedas
Sent: Friday, November 11, 2016 3:15 AM
To: li...@lazygranch.com; postfix-users@postfix.org
Subject: Re: bi
On Fri, 11 Nov 2016 09:54:48 -0500
"Bill Cole" wrote:
> On 11 Nov 2016, at 6:21, li...@lazygranch.com wrote:
>
> > So is this level of encryption something openssl sets up?
>
> Yes and no. The partners in an encrypted session negotiate the
> details of a ciphersuite when the session is establ
Thus far, 4096 bit encryption hasn't been an issue. When I see email without
encryption, it is because their service doesn't offer it. Telus (Canada) being
a prime example.
Original Message
From: Alice Wonder
Sent: Friday, November 11, 2016 11:01 AM
To: postfix-users@postfix.org
Subject: R
On 11/11/2016 11:00 AM, Alice Wonder wrote:
On 11/11/2016 03:21 AM, li...@lazygranch.com wrote:
So is this level of encryption something openssl sets up? That is
where do I set the parameter?
Original Message
From: Sven Schwedas
Sent: Friday, November 11, 2016 3:15 AM
To: li...@lazygranch.co
On 11.11.2016 12:21, li...@lazygranch.com wrote:
> So is this level of encryption something openssl sets up? That is where do I
> set the parameter?
You might want to read
https://bettercrypto.org/static/applied-crypto-hardening.pdf
It has background information and configuration examples for m
I did a search to see if Schneier changed his mind. He still prefers AES128.
Ditto on the bettercrypto link. Back to lurking...
Original Message
From: Alice Wonder
Sent: Friday, November 11, 2016 12:44 PM
To: postfix-users@postfix.org
Subject: Re: bits of encryption
On 11/11/2016 11:00 A
17 matches
Mail list logo
